Skip to content

Commit 07b6c73

Browse files
committed
Fix PKCE auth redirect mismatch by skipping auth check in callback middleware
1 parent 3b2b857 commit 07b6c73

1 file changed

Lines changed: 6 additions & 0 deletions

File tree

src/lib/supabase/middleware.ts

Lines changed: 6 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -27,6 +27,12 @@ export async function updateSession(request: NextRequest) {
2727
return NextResponse.redirect(url);
2828
}
2929

30+
// Skip the middleware entirely for the auth callback route!
31+
// Calling supabase.auth.getUser() here before the route handler can corrupt the PKCE code_verifier cookie.
32+
if (pathname.startsWith('/auth/callback')) {
33+
return NextResponse.next({ request });
34+
}
35+
3036
let supabaseResponse = NextResponse.next({ request });
3137
let storedCookies: { name: string; value: string; options: any }[] = [];
3238

0 commit comments

Comments
 (0)